Data theft is the unauthorized duplication or deletion of an organization's electronic information. Data theft is a growing phenomenon primarily caused by system administrators and office workers with access to technology such as database servers,

desktop computer A desktop computer, often abbreviated as desktop, is a personal computer designed for regular use at a stationary location on or near a desk (as opposed to a portable computer) due to its size and power requirements. The most common configuratio ...

s and a growing list of hand-held devices capable of storing digital information, such as

USB flash drive A flash drive (also thumb drive, memory stick, and pen drive/pendrive) is a data storage device that includes flash memory with an integrated USB interface. A typical USB drive is removable, rewritable, and smaller than an optical disc, and u ...

iPod The iPod is a series of portable media players and multi-purpose mobile devices that were designed and marketed by Apple Inc. from 2001 to 2022. The iPod Classic#1st generation, first version was released on November 10, 2001, about mon ...

s and even

digital camera A digital camera, also called a digicam, is a camera that captures photographs in Digital data storage, digital memory. Most cameras produced today are digital, largely replacing those that capture images on photographic film or film stock. Dig ...

s. Since employees often spend a considerable amount of time developing contacts, confidential, and

copyright A copyright is a type of intellectual property that gives its owner the exclusive legal right to copy, distribute, adapt, display, and perform a creative work, usually for a limited time. The creative work may be in a literary, artistic, ...

ed information for the company they work for, they may feel they have some right to the information and are inclined to copy or delete part of it when they leave the company, or misuse it while they are still in employment. Information can be sold and bought and then used by criminals and criminal organizations. Alternatively, an employee may choose to deliberately abuse trusted access to information for the purpose of exposing

misconduct Misconduct is wrongful, improper, or unlawful conduct motivated by premeditated or intentional purpose or by obstinate indifference to the consequences of one's acts. It is an act which is forbidden or a failure to do that which is required. Misc ...

by the employer. From the perspective of the society, such an act of

whistleblowing Whistleblowing (also whistle-blowing or whistle blowing) is the activity of a person, often an employee, revealing information about activity within a private or public organization that is deemed illegal, immoral, illicit, unsafe, unethical or ...

can be seen as positive and is protected by law in certain situations in some jurisdictions, such as the United States. A common scenario is where a sales person makes a copy of the contact

database In computing, a database is an organized collection of data or a type of data store based on the use of a database management system (DBMS), the software that interacts with end users, applications, and the database itself to capture and a ...

for use in their next job. Typically, this is a clear violation of their terms of employment. Notable acts of data theft include those by leaker

Chelsea Manning Chelsea Elizabeth Manning (born Bradley Edward Manning, December 17, 1987) is an American activist and whistleblower. She is a former United States Army soldier who was convicted by court-martial in July 2013 of violations of the Espionage ...

and self-proclaimed whistleblowers

Edward Snowden Edward Joseph Snowden (born June 21, 1983) is a former National Security Agency (NSA) intelligence contractor and whistleblower who leaked classified documents revealing the existence of global surveillance programs. Born in 1983 in Elizabeth ...

and Hervé Falciani.

Data theft methods

Thumbsucking

Thumbsucking, similar to podslurping, is the intentional use of a portable USB mass storage device, such as a

(or "thumbdrive"), to illicitly download confidential data from a network endpoint. A USB flash drive was allegedly used to remove highly classified documents about the design of U.S. nuclear weapons from a vault at Los Alamos without authorization.Zagorin, Adam "A breach in nuclear security."
Time, April 19, 2007. Retrieved April 21, 2007 The threat of thumbsucking has been amplified for a number of reasons, including the following: *The storage capacity of portable USB storage devices has increased. *The cost of high-capacity portable USB storage devices has decreased. *Networks have grown more dispersed, the number of remote network access points has increased and methods of network connection have expanded, increasing the number of vectors for network infiltration.

Investigating data theft

Techniques to investigate data theft include stochastic forensics,

digital artifact Digital artifact in information science, is any undesired or unintended alteration in data introduced in a digital process by an involved technique and/or technology. Digital artifact can be of any content types including text, audio, video, ...

analysis (especially of USB drive artifacts), and other

computer forensics Computer forensics (also known as computer forensic science) is a branch of digital forensics, digital forensic science pertaining to evidence found in computers and digital storage media. The goal of computer forensics is to examine digital me ...

techniques.

References

External links

USBs' Giant Sucking SoundOnline Behaviours that can Lead to Data Theft
{{DEFAULTSORT:Data Theft Data security Theft Data laws

Data theft methods

Thumbsucking

Investigating data theft

See also

References

External links